Purpose – The article brings attention to the importance of corporate values and concrete leadership enactment of those values as a necessary condition for effective risk management outcomes.
Design/methodology/approach – The content is based on practice-based research experiences supported by relevant literatures on risk governance and values-based management complemented with insights from case analyses and empirical studies.
Findings – The paper explains why formal risk management approaches have limitations and outlines how the presence of official policies and codes of conduct is insufficient to deal with dynamic and complex high-impact situations where strong core values heeded by the corporate leadership, in contrast, leads the way to better risk behaviors throughout the organization. Major disasters in British Petroleum over the past decade illustrate how a formal code of conduct failed to do the job when the leadership in reality gave first priority to profits at the expense of the stated environmental values. The prioritized code of the US Coast Guard is used to illustrate the circumstances where core values support effective crisis, disaster and risk management outcomes.
Originality/value – The paper goes against conventional wisdom of imposing tighter rules and regulations with formal controls as a panacea to cope with major disasters and shows why simpler means of guiding core values combined with delegation of responsibility to act under unexpected conditions is important in both private and public enterprise.